Skip to Content
Last modified by Alexandru Pentilescu on 2024/07/16 22:44
From version 16.1
edited by Alexandru Pentilescu
on 2024/07/16 22:20
Change comment: There is no comment for this version
To version 18.1
edited by Alexandru Pentilescu
on 2024/07/16 22:28
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -223,4 +223,21 @@
223 223  
224 224  You might wonder why we're changing a file on the host filesystem and not inside the docker, where the relevant SSH service is running. The reason for this is, remember, this particular directory is already mapped in our docker-compose.yml file, so it exists in both the host machine and in the docker container, simultaneously. All changes that take place to it on the host will reflect inside the container.
225 225  
226 -Please do note that registering the git user's public key has to be done using the above commands **AND NOT THROUGH THE WEB INTERFACE, LIKE IN THE PREVIOUS STEP** (I already lost 2 days investigating why this thing didn't work because I didn't pay attention to this step )
226 +Please do note that registering the git user's public key has to be done using the above commands **AND NOT THROUGH THE WEB INTERFACE, LIKE IN THE PREVIOUS STEP** (I already lost 2 days investigating why this thing didn't work because I didn't pay attention to this step)
227 +
228 +== Write an SSH Shim script ==
229 +
230 +Here, we'll need to generate a script at "/usr/local/bin/gitea" owned by root:root and with chmod 755 with the following contents:
231 +
232 +{{code language="bash"}}
233 +#!/bin/sh
234 +ssh -p 2200 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
235 +{{/code}}
236 +
237 +This script might seem confusing, at first glance, especially since there's another, entirely different "/usr/local/bin/gitea" script that exists in the docker container.
238 +
239 +The script above will simply forward all incoming SSH connections that originally came to the host server and sends them to the docker container (specifically to localhost port 2200 which, according to the yaml file above, is mapped to port 22 inside the container). There, the container will run the command that was originally sent to the host machine inside of itself and return the result to the original outside client.
240 +
241 +You may be thinking "But how does the host SSH server know when to run this script to forward requests inside the container and when not to forward requests?". Basically, this is done via the /home/git/.ssh/authorized_keys file.
242 +
243 +When we added all those public keys at step [[Guides/How%20to%20set%20up%20a%20gitea%20docker%20instance/#HGenerateaproperpublic2FprivatekeypairforalltheaccountsthatneedtousegitviaSSHwith]]